From f2d8cf4fb62b13bcd8f73f645c2b915b5078de76 Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Tue, 31 Jan 2023 09:27:36 +0400 Subject: [PATCH 01/11] add ext peers field to host update --- logic/peers.go | 1 + models/mqtt.go | 1 + 2 files changed, 2 insertions(+) diff --git a/logic/peers.go b/logic/peers.go index 05f3ee84..c4ed98a0 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -412,6 +412,7 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { extPeers, extPeerIDAndAddrs, err := getExtPeers(&node) if err == nil { hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, extPeers...) + hostPeerUpdate.ExtPeers = extPeers for _, extPeerIdAndAddr := range extPeerIDAndAddrs { hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID] = make(map[string]models.IDandAddr) hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID][extPeerIdAndAddr.ID] = models.IDandAddr{ diff --git a/models/mqtt.go b/models/mqtt.go index 5fb1781e..7b778045 100644 --- a/models/mqtt.go +++ b/models/mqtt.go @@ -25,6 +25,7 @@ type HostPeerUpdate struct { Peers []wgtypes.PeerConfig `json:"peers" bson:"peers" yaml:"peers"` PeerIDs HostPeerMap `json:"peerids" bson:"peerids" yaml:"peerids"` ProxyUpdate proxy_models.ProxyManagerPayload `json:"proxy_update" bson:"proxy_update" yaml:"proxy_update"` + ExtPeers []wgtypes.PeerConfig `json:"ext_peers" bson:"ext_peers" yaml:"ext_peers"` } // NetworkInfo - struct for network info From 56d26b5ea007af2e731f7e686b7fd7183918c370 Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Tue, 31 Jan 2023 10:21:10 +0400 Subject: [PATCH 02/11] add ingress model to host peer update --- logic/peers.go | 22 ++++++++++++++++++++-- models/mqtt.go | 11 ++++++++++- 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/logic/peers.go b/logic/peers.go index c4ed98a0..07a4435c 100644 --- a/logic/peers.go +++ b/logic/peers.go 
@@ -315,6 +315,7 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { if !node.Connected || node.Action == models.NODE_DELETE || node.PendingDelete { continue } + hostPeerUpdate.Network[node.Network] = models.NetworkInfo{ DNS: getPeerDNS(node.Network), } @@ -323,6 +324,18 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { log.Println("no network nodes") return models.HostPeerUpdate{}, err } + var ingressInfo models.IngressInfo + if node.IsIngressGateway { + ingressInfo = models.IngressInfo{ + Network: node.Network, + IngressGwAddr: net.IPNet{ + IP: net.ParseIP(node.PrimaryAddress()), + Mask: net.CIDRMask(32, 32), + }, + ExtPeers: make(map[string]wgtypes.PeerConfig), + Peers: make(map[string]wgtypes.PeerConfig), + } + } for _, peer := range currentPeers { if peer.ID == node.ID { logger.Log(2, "peer update, skipping self") @@ -384,7 +397,9 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { allowedips = append(allowedips, getEgressIPs(&node, &peer)...) } peerConfig.AllowedIPs = allowedips - + if node.IsIngressGateway { + ingressInfo.Peers[peerConfig.PublicKey.String()] = peerConfig + } if _, ok := hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()]; !ok { hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()] = make(map[string]models.IDandAddr) hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, peerConfig) 
@@ -412,7 +427,10 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { extPeers, extPeerIDAndAddrs, err := getExtPeers(&node) if err == nil { hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, extPeers...) - hostPeerUpdate.ExtPeers = extPeers + for _, extPeer := range extPeers { + ingressInfo.ExtPeers[extPeer.PublicKey.String()] = extPeer + } + hostPeerUpdate.IngressInfo = append(hostPeerUpdate.IngressInfo, ingressInfo) for _, extPeerIdAndAddr := range extPeerIDAndAddrs { hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID] = make(map[string]models.IDandAddr) hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID][extPeerIdAndAddr.ID] = models.IDandAddr{ diff --git a/models/mqtt.go b/models/mqtt.go index 7b778045..28db423d 100644 --- a/models/mqtt.go +++ b/models/mqtt.go @@ -1,6 +1,8 @@ package models import ( + "net" + proxy_models "github.com/gravitl/netclient/nmproxy/models" "golang.zx2c4.com/wireguard/wgctrl/wgtypes" ) @@ -25,7 +27,14 @@ type HostPeerUpdate struct { Peers []wgtypes.PeerConfig `json:"peers" bson:"peers" yaml:"peers"` PeerIDs HostPeerMap `json:"peerids" bson:"peerids" yaml:"peerids"` ProxyUpdate proxy_models.ProxyManagerPayload `json:"proxy_update" bson:"proxy_update" yaml:"proxy_update"` - ExtPeers []wgtypes.PeerConfig `json:"ext_peers" bson:"ext_peers" yaml:"ext_peers"` + IngressInfo []IngressInfo `json:"ingress_info" bson:"ext_peers" yaml:"ext_peers"` +} + +type IngressInfo struct { + Network string + IngressGwAddr net.IPNet + ExtPeers map[string]wgtypes.PeerConfig + Peers map[string]wgtypes.PeerConfig } // NetworkInfo - struct for network info From 841a61a0b2490e0cd00fe987a0aeb5caaf1ef191 Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Tue, 31 Jan 2023 11:10:23 +0400 Subject: [PATCH 03/11] get consolidated ingress update --- logic/peers.go | 34 ++++++++++++++++++---------------- models/mqtt.go | 7 +++---- 2 files changed, 21 insertions(+), 20 deletions(-) 
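Review bot: `hostPeerUpdate.IngressInfo = append(hostPeerUpdate.IngressInfo, ingressInfo)` runs for every node whose getExtPeers call succeeds, not only for ingress gateways, so a non-gateway node contributes a zero-valued IngressInfo (empty Network, nil maps) to the slice the host receives. On the same path `ingressInfo.ExtPeers[extPeer.PublicKey.String()] = extPeer` writes into a map that the preceding hunk allocates only when `node.IsIngressGateway` is true; if getExtPeers can return entries for a non-gateway node (not visible here), that write panics on a nil map. Wrapping the range and the append in `if node.IsIngressGateway {` keeps the allocation and the use consistent. Patch 03 of this series restructures this block, so the point concerns this commit's intermediate state. GetPeerUpdateForHost starts and ends outside the hunk.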
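Review bot: The tags on the new field disagree with each other: `IngressInfo []IngressInfo `json:"ingress_info" bson:"ext_peers" yaml:"ext_peers"`` names the key ingress_info for JSON but ext_peers for bson and yaml, so the same payload is keyed differently depending on the encoder a consumer uses. The bson/yaml names look like leftovers from the ExtPeers line this one replaces; `bson:"ingress_info" yaml:"ingress_info"` would align them. The line survives unchanged into the models/mqtt.go hunk of patch 03 and is still visible as context in patch 10, so the mismatch is never corrected in this series. The new IngressInfo struct also has no tags or doc comment here (tags arrive in patch 07, comments in patch 10).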
diff --git a/logic/peers.go b/logic/peers.go index 07a4435c..9bcccf68 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -304,6 +304,11 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { PeerIDs: make(models.HostPeerMap), ServerVersion: servercfg.GetVersion(), ServerAddrs: []models.ServerAddr{}, + IngressInfo: models.IngressInfo{ + IngressGwAddr: make(map[string]net.IPNet), + ExtPeers: make(map[string]wgtypes.PeerConfig), + Peers: make(map[string][]wgtypes.PeerConfig), + }, } logger.Log(1, "peer update for host ", host.ID.String()) peerIndexMap := make(map[string]int) @@ -324,18 +329,7 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { log.Println("no network nodes") return models.HostPeerUpdate{}, err } - var ingressInfo models.IngressInfo - if node.IsIngressGateway { - ingressInfo = models.IngressInfo{ - Network: node.Network, - IngressGwAddr: net.IPNet{ - IP: net.ParseIP(node.PrimaryAddress()), - Mask: net.CIDRMask(32, 32), - }, - ExtPeers: make(map[string]wgtypes.PeerConfig), - Peers: make(map[string]wgtypes.PeerConfig), - } - } + for _, peer := range currentPeers { if peer.ID == node.ID { logger.Log(2, "peer update, skipping self") @@ -398,7 +392,12 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { } peerConfig.AllowedIPs = allowedips if node.IsIngressGateway { - ingressInfo.Peers[peerConfig.PublicKey.String()] = peerConfig + if peers, ok := hostPeerUpdate.IngressInfo.Peers[peerHost.PublicKey.String()]; ok { + peers = append(peers, peerConfig) + hostPeerUpdate.IngressInfo.Peers[peerHost.PublicKey.String()] = peers + } else { + hostPeerUpdate.IngressInfo.Peers[peerHost.PublicKey.String()] = []wgtypes.PeerConfig{peerConfig} + } } if _, ok := hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()]; !ok { hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()] = make(map[string]models.IDandAddr) 
@@ -427,10 +426,13 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { extPeers, extPeerIDAndAddrs, err := getExtPeers(&node) if err == nil { hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, extPeers...) - for _, extPeer := range extPeers { - ingressInfo.ExtPeers[extPeer.PublicKey.String()] = extPeer + hostPeerUpdate.IngressInfo.IngressGwAddr[node.Network] = net.IPNet{ + IP: net.ParseIP(node.PrimaryAddress()), + Mask: net.CIDRMask(32, 32), + } + for _, extPeer := range extPeers { + hostPeerUpdate.IngressInfo.ExtPeers[extPeer.PublicKey.String()] = extPeer } - hostPeerUpdate.IngressInfo = append(hostPeerUpdate.IngressInfo, ingressInfo) for _, extPeerIdAndAddr := range extPeerIDAndAddrs { hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID] = make(map[string]models.IDandAddr) hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID][extPeerIdAndAddr.ID] = models.IDandAddr{ diff --git a/models/mqtt.go b/models/mqtt.go index 28db423d..30a35985 100644 --- a/models/mqtt.go +++ b/models/mqtt.go @@ -27,14 +27,13 @@ type HostPeerUpdate struct { Peers []wgtypes.PeerConfig `json:"peers" bson:"peers" yaml:"peers"` PeerIDs HostPeerMap `json:"peerids" bson:"peerids" yaml:"peerids"` ProxyUpdate proxy_models.ProxyManagerPayload `json:"proxy_update" bson:"proxy_update" yaml:"proxy_update"` - IngressInfo []IngressInfo `json:"ingress_info" bson:"ext_peers" yaml:"ext_peers"` + IngressInfo IngressInfo `json:"ingress_info" bson:"ext_peers" yaml:"ext_peers"` } type IngressInfo struct { - Network string - IngressGwAddr net.IPNet + IngressGwAddr map[string]net.IPNet ExtPeers map[string]wgtypes.PeerConfig - Peers map[string]wgtypes.PeerConfig + Peers map[string][]wgtypes.PeerConfig } // NetworkInfo - struct for network info From 36cf202ad53f619c1991aae61d3ca2a08970bd4c Mon Sep 17 00:00:00 2001 
From: Abhishek Kondur Date: Tue, 31 Jan 2023 12:37:22 +0400 Subject: [PATCH 04/11] extclient info model changes --- logic/peers.go | 27 ++++++++++++--------------- models/mqtt.go | 16 +++++++++++----- 2 files changed, 23 insertions(+), 20 deletions(-) diff --git a/logic/peers.go b/logic/peers.go index 9bcccf68..8e9a7546 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -306,8 +306,7 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { ServerAddrs: []models.ServerAddr{}, IngressInfo: models.IngressInfo{ IngressGwAddr: make(map[string]net.IPNet), - ExtPeers: make(map[string]wgtypes.PeerConfig), - Peers: make(map[string][]wgtypes.PeerConfig), + ExtPeers: make(map[string]models.ExtClientInfo), }, } logger.Log(1, "peer update for host ", host.ID.String()) @@ -329,7 +328,10 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { log.Println("no network nodes") return models.HostPeerUpdate{}, err } - + var extClientPeerMap map[string]models.PeerExtInfo + if node.IsIngressGateway { + extClientPeerMap = make(map[string]models.PeerExtInfo) + } for _, peer := range currentPeers { if peer.ID == node.ID { logger.Log(2, "peer update, skipping self") 
@@ -391,13 +393,9 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { allowedips = append(allowedips, getEgressIPs(&node, &peer)...) } peerConfig.AllowedIPs = allowedips - if node.IsIngressGateway { - if peers, ok := hostPeerUpdate.IngressInfo.Peers[peerHost.PublicKey.String()]; ok { - peers = append(peers, peerConfig) - hostPeerUpdate.IngressInfo.Peers[peerHost.PublicKey.String()] = peers - } else { - hostPeerUpdate.IngressInfo.Peers[peerHost.PublicKey.String()] = []wgtypes.PeerConfig{peerConfig} - } + extClientPeerMap[peerHost.PublicKey.String()] = models.PeerExtInfo{ + PeerConfig: peerConfig, + Allow: true, } if _, ok := hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()]; !ok { hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()] = make(map[string]models.IDandAddr) @@ -426,12 +424,11 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { extPeers, extPeerIDAndAddrs, err := getExtPeers(&node) if err == nil { hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, extPeers...) - hostPeerUpdate.IngressInfo.IngressGwAddr[node.Network] = net.IPNet{ - IP: net.ParseIP(node.PrimaryAddress()), - Mask: net.CIDRMask(32, 32), - } for _, extPeer := range extPeers { - hostPeerUpdate.IngressInfo.ExtPeers[extPeer.PublicKey.String()] = extPeer + hostPeerUpdate.IngressInfo.ExtPeers[extPeer.PublicKey.String()] = models.ExtClientInfo{ + ExtPeer: extPeer, + Peers: extClientPeerMap, + } } for _, extPeerIdAndAddr := range extPeerIDAndAddrs { hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID] = make(map[string]models.IDandAddr) diff --git a/models/mqtt.go b/models/mqtt.go index 30a35985..6aa60413 100644 --- a/models/mqtt.go +++ b/models/mqtt.go @@ -1,8 +1,6 @@ package models import ( - "net" - proxy_models "github.com/gravitl/netclient/nmproxy/models" "golang.zx2c4.com/wireguard/wgctrl/wgtypes" ) 
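Review bot: `extClientPeerMap[peerHost.PublicKey.String()] = models.PeerExtInfo{...}` is unconditional, but the preceding hunk declares `var extClientPeerMap map[string]models.PeerExtInfo` and only allocates it when `node.IsIngressGateway` is true, so for any non-gateway node with at least one peer this assignment writes to a nil map and panics inside GetPeerUpdateForHost, taking the whole host's peer update with it. Guarding the assignment with `if node.IsIngressGateway {` (as patch 08 of this series eventually does) or allocating the map unconditionally fixes it. Separately, `Allow: true` is hard-coded for every peer, so the field expresses no policy yet; a comment such as `// Allow is always true for now: ext clients may reach every peer of this gateway, no per-client ACL is applied here` would stop a reader from assuming filtering happens at this point. The enclosing loop and function start outside the hunk.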
@@ -31,9 +29,17 @@ type HostPeerUpdate struct { } type IngressInfo struct { - IngressGwAddr map[string]net.IPNet - ExtPeers map[string]wgtypes.PeerConfig - Peers map[string][]wgtypes.PeerConfig + ExtPeers map[string]ExtClientInfo +} + +type PeerExtInfo struct { + PeerConfig wgtypes.PeerConfig + Allow bool +} + +type ExtClientInfo struct { + ExtPeer wgtypes.PeerConfig + Peers map[string]PeerExtInfo } // NetworkInfo - struct for network info From 35c8fb3b41140d09fa92b18440a4feaf161d627d Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Tue, 31 Jan 2023 12:48:37 +0400 Subject: [PATCH 05/11] addd server to host update model --- logic/peers.go | 4 ++-- models/mqtt.go | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/logic/peers.go b/logic/peers.go index 8e9a7546..0149dee3 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -300,13 +300,13 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { } hostPeerUpdate := models.HostPeerUpdate{ Host: *host, + Server: servercfg.GetServer(), Network: make(map[string]models.NetworkInfo), PeerIDs: make(models.HostPeerMap), ServerVersion: servercfg.GetVersion(), ServerAddrs: []models.ServerAddr{}, IngressInfo: models.IngressInfo{ - IngressGwAddr: make(map[string]net.IPNet), - ExtPeers: make(map[string]models.ExtClientInfo), + ExtPeers: make(map[string]models.ExtClientInfo), }, } logger.Log(1, "peer update for host ", host.ID.String()) diff --git a/models/mqtt.go b/models/mqtt.go index 6aa60413..32d0e934 100644 --- a/models/mqtt.go +++ b/models/mqtt.go 
@@ -19,6 +19,7 @@ type PeerUpdate struct { // HostPeerUpdate - struct for host peer updates type HostPeerUpdate struct { Host Host `json:"host" bson:"host" yaml:"host"` + Server string `json:"server" bson:"server" yaml:"server"` ServerVersion string `json:"serverversion" bson:"serverversion" yaml:"serverversion"` ServerAddrs []ServerAddr `json:"serveraddrs" bson:"serveraddrs" yaml:"serveraddrs"` Network map[string]NetworkInfo `json:"network" bson:"network" yaml:"network"` From 62e7cc366e8a0e877e9b5c647b1150c06d71fd0d Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Tue, 31 Jan 2023 13:33:15 +0400 Subject: [PATCH 06/11] update ext client model --- logic/peers.go | 21 +++++++++++++-------- models/mqtt.go | 13 +++++++++---- 2 files changed, 22 insertions(+), 12 deletions(-) diff --git a/logic/peers.go b/logic/peers.go index 0149dee3..7ec822a2 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -394,8 +394,11 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { } peerConfig.AllowedIPs = allowedips extClientPeerMap[peerHost.PublicKey.String()] = models.PeerExtInfo{ - PeerConfig: peerConfig, - Allow: true, + PeerAddr: net.IPNet{ + IP: net.ParseIP(peer.PrimaryAddress()), + Mask: net.CIDRMask(32, 32), + }, + Allow: true, } if _, ok := hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()]; !ok { hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()] = make(map[string]models.IDandAddr) 
@@ -424,12 +427,6 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { extPeers, extPeerIDAndAddrs, err := getExtPeers(&node) if err == nil { hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, extPeers...) - for _, extPeer := range extPeers { - hostPeerUpdate.IngressInfo.ExtPeers[extPeer.PublicKey.String()] = models.ExtClientInfo{ - ExtPeer: extPeer, - Peers: extClientPeerMap, - } - } for _, extPeerIdAndAddr := range extPeerIDAndAddrs { hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID] = make(map[string]models.IDandAddr) hostPeerUpdate.PeerIDs[extPeerIdAndAddr.ID][extPeerIdAndAddr.ID] = models.IDandAddr{ @@ -438,6 +435,14 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { Name: extPeerIdAndAddr.Name, Network: node.Network, } + hostPeerUpdate.IngressInfo.ExtPeers[extPeerIdAndAddr.ID] = models.ExtClientInfo{ + Masquerade: true, + ExtPeerAddr: net.IPNet{ + IP: net.ParseIP(extPeerIdAndAddr.Address), + Mask: net.CIDRMask(32, 32), + }, + Peers: extClientPeerMap, + } } } else if !database.IsEmptyRecord(err) { diff --git a/models/mqtt.go b/models/mqtt.go index 32d0e934..10f5b0c7 100644 --- a/models/mqtt.go +++ b/models/mqtt.go @@ -1,6 +1,8 @@ package models import ( + "net" + proxy_models "github.com/gravitl/netclient/nmproxy/models" "golang.zx2c4.com/wireguard/wgctrl/wgtypes" ) @@ -34,13 +36,16 @@ type IngressInfo struct { } type PeerExtInfo struct { - PeerConfig wgtypes.PeerConfig - Allow bool + PeerAddr net.IPNet + PeerKey wgtypes.Key + Allow bool } type ExtClientInfo struct { - ExtPeer wgtypes.PeerConfig - Peers map[string]PeerExtInfo + Masquerade bool + ExtPeerAddr net.IPNet + ExtPeerKey wgtypes.Key + Peers map[string]PeerExtInfo } // NetworkInfo - struct for network info From be741c1b44830ab2515e0c31ee86bd4940f21701 Mon Sep 17 00:00:00 2001 
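Review bot: `IP: net.ParseIP(extPeerIdAndAddr.Address)` is not checked for nil, so an ext client record with a malformed address yields an ExtClientInfo whose ExtPeerAddr has a nil IP under a /32 mask, and that entry is still published to the host under its ID; skipping the entry with a log line when `ParseIP` returns nil is safer than shipping a half-formed route. `Masquerade: true` is hard-coded, so every ext client is flagged for masquerading regardless of configuration — if that is intended for now, a comment saying so would help. `Peers: extClientPeerMap` stores the same map value in every ExtClientInfo built for this node, so all entries alias one map and any later per-client mutation by a consumer would affect every client of the gateway; copying the map per entry avoids that if per-client differences are expected. The ExtPeerKey field added to the model in this commit is never populated here (patch 08 sets it). The enclosing loop and function start outside the hunk.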
From: Abhishek Kondur Date: Tue, 31 Jan 2023 16:14:00 +0400 Subject: [PATCH 07/11] add json tags --- models/mqtt.go | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/models/mqtt.go b/models/mqtt.go index 10f5b0c7..c8966c5b 100644 --- a/models/mqtt.go +++ b/models/mqtt.go @@ -32,20 +32,20 @@ type HostPeerUpdate struct { } type IngressInfo struct { - ExtPeers map[string]ExtClientInfo + ExtPeers map[string]ExtClientInfo `json:"ext_peers" yaml:"ext_peers"` } type PeerExtInfo struct { - PeerAddr net.IPNet - PeerKey wgtypes.Key - Allow bool + PeerAddr net.IPNet `json:"peer_addr" yaml:"peer_addr"` + PeerKey wgtypes.Key `json:"peer_key" yaml:"peer_key"` + Allow bool `json:"allow" yaml:"allow"` } type ExtClientInfo struct { - Masquerade bool - ExtPeerAddr net.IPNet - ExtPeerKey wgtypes.Key - Peers map[string]PeerExtInfo + Masquerade bool `json:"masquerade" yaml:"masquerade"` + ExtPeerAddr net.IPNet `json:"ext_peer_addr" yaml:"ext_peer_addr"` + ExtPeerKey wgtypes.Key `json:"ext_peer_key" yaml:"ext_peer_key"` + Peers map[string]PeerExtInfo `json:"peers" yaml:"peers"` } // NetworkInfo - struct for network info From 5e9798bb056773e4d501274591eaeff87640edab Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Wed, 1 Feb 2023 10:28:11 +0400 Subject: [PATCH 08/11] add peer keys --- logic/peers.go | 19 ++++++++++++------- models/mqtt.go | 8 ++++---- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/logic/peers.go b/logic/peers.go index 7ec822a2..15c2efa2 100644 --- a/logic/peers.go +++ b/logic/peers.go 
@@ -393,13 +393,17 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { allowedips = append(allowedips, getEgressIPs(&node, &peer)...) } peerConfig.AllowedIPs = allowedips - extClientPeerMap[peerHost.PublicKey.String()] = models.PeerExtInfo{ - PeerAddr: net.IPNet{ - IP: net.ParseIP(peer.PrimaryAddress()), - Mask: net.CIDRMask(32, 32), - }, - Allow: true, + if node.IsIngressGateway { + extClientPeerMap[peerHost.PublicKey.String()] = models.PeerExtInfo{ + PeerAddr: net.IPNet{ + IP: net.ParseIP(peer.PrimaryAddress()), + Mask: net.CIDRMask(32, 32), + }, + PeerKey: peerHost.PublicKey.String(), + Allow: true, + } } + if _, ok := hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()]; !ok { hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()] = make(map[string]models.IDandAddr) hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, peerConfig) @@ -441,7 +445,8 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { IP: net.ParseIP(extPeerIdAndAddr.Address), Mask: net.CIDRMask(32, 32), }, - Peers: extClientPeerMap, + ExtPeerKey: extPeerIdAndAddr.ID, + Peers: extClientPeerMap, } } diff --git a/models/mqtt.go b/models/mqtt.go index c8966c5b..dfc2a541 100644 --- a/models/mqtt.go +++ b/models/mqtt.go @@ -36,15 +36,15 @@ type IngressInfo struct { } type PeerExtInfo struct { - PeerAddr net.IPNet `json:"peer_addr" yaml:"peer_addr"` - PeerKey wgtypes.Key `json:"peer_key" yaml:"peer_key"` - Allow bool `json:"allow" yaml:"allow"` + PeerAddr net.IPNet `json:"peer_addr" yaml:"peer_addr"` + PeerKey string `json:"peer_key" yaml:"peer_key"` + Allow bool `json:"allow" yaml:"allow"` } type ExtClientInfo struct { Masquerade bool `json:"masquerade" yaml:"masquerade"` ExtPeerAddr net.IPNet `json:"ext_peer_addr" yaml:"ext_peer_addr"` - ExtPeerKey wgtypes.Key `json:"ext_peer_key" yaml:"ext_peer_key"` + ExtPeerKey string `json:"ext_peer_key" yaml:"ext_peer_key"` Peers map[string]PeerExtInfo `json:"peers" yaml:"peers"` } 
From 2ffd3cab723e3cb9788134d1fc3d20e8c30f22a5 Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Wed, 1 Feb 2023 13:40:15 +0400 Subject: [PATCH 09/11] add ingress GW address to route info --- logic/peers.go | 4 ++++ models/mqtt.go | 1 + 2 files changed, 5 insertions(+) diff --git a/logic/peers.go b/logic/peers.go index 15c2efa2..59a86e58 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -441,6 +441,10 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { } hostPeerUpdate.IngressInfo.ExtPeers[extPeerIdAndAddr.ID] = models.ExtClientInfo{ Masquerade: true, + IngGwAddr: net.IPNet{ + IP: net.ParseIP(node.PrimaryAddress()), + Mask: net.CIDRMask(32, 32), + }, ExtPeerAddr: net.IPNet{ IP: net.ParseIP(extPeerIdAndAddr.Address), Mask: net.CIDRMask(32, 32), diff --git a/models/mqtt.go b/models/mqtt.go index dfc2a541..b343c939 100644 --- a/models/mqtt.go +++ b/models/mqtt.go @@ -42,6 +42,7 @@ type PeerExtInfo struct { } type ExtClientInfo struct { + IngGwAddr net.IPNet `json:"ingress_gw_addr" yaml:"ingress_gw_addr"` Masquerade bool `json:"masquerade" yaml:"masquerade"` ExtPeerAddr net.IPNet `json:"ext_peer_addr" yaml:"ext_peer_addr"` ExtPeerKey string `json:"ext_peer_key" yaml:"ext_peer_key"` From 5d2ff009bf83c938dfe044b7dffc5d6586c1a274 Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Wed, 1 Feb 2023 16:48:41 +0400 Subject: [PATCH 10/11] comments --- models/mqtt.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/models/mqtt.go b/models/mqtt.go index b343c939..062e9d28 100644 --- a/models/mqtt.go +++ b/models/mqtt.go 
@@ -31,16 +31,19 @@ type HostPeerUpdate struct { IngressInfo IngressInfo `json:"ingress_info" bson:"ext_peers" yaml:"ext_peers"` } +// IngressInfo - struct for ingress info type IngressInfo struct { ExtPeers map[string]ExtClientInfo `json:"ext_peers" yaml:"ext_peers"` } +// PeerExtInfo - struct for peer info for an ext. client type PeerExtInfo struct { PeerAddr net.IPNet `json:"peer_addr" yaml:"peer_addr"` PeerKey string `json:"peer_key" yaml:"peer_key"` Allow bool `json:"allow" yaml:"allow"` } +// ExtClientInfo - struct for ext. client and it's peers type ExtClientInfo struct { IngGwAddr net.IPNet `json:"ingress_gw_addr" yaml:"ingress_gw_addr"` Masquerade bool `json:"masquerade" yaml:"masquerade"` From 58ada4249693e41d3684bde74e054ea8b97982ff Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Wed, 1 Feb 2023 20:05:14 +0400 Subject: [PATCH 11/11] get correct mask based on address type --- logic/peers.go | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/logic/peers.go b/logic/peers.go index 59a86e58..693db5fc 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -5,6 +5,7 @@ import ( "fmt" "log" "net" + "net/netip" "sort" "strconv" "strings" @@ -394,10 +395,11 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) { } peerConfig.AllowedIPs = allowedips if node.IsIngressGateway { + extClientPeerMap[peerHost.PublicKey.String()] = models.PeerExtInfo{ PeerAddr: net.IPNet{ IP: net.ParseIP(peer.PrimaryAddress()), - Mask: net.CIDRMask(32, 32), + Mask: getCIDRMaskFromAddr(peer.PrimaryAddress()), }, PeerKey: peerHost.PublicKey.String(), Allow: true, 
@@ -443,11 +445,11 @@ func GetPeerUpdateForHost(host *models.Host) (models.HostPeerUpdate, error) {
 Masquerade: true,
 IngGwAddr: net.IPNet{
 IP: net.ParseIP(node.PrimaryAddress()),
- Mask: net.CIDRMask(32, 32),
+ Mask: getCIDRMaskFromAddr(node.PrimaryAddress()),
 },
 ExtPeerAddr: net.IPNet{
 IP: net.ParseIP(extPeerIdAndAddr.Address),
- Mask: net.CIDRMask(32, 32),
+ Mask: getCIDRMaskFromAddr(extPeerIdAndAddr.Address),
 },
 ExtPeerKey: extPeerIdAndAddr.ID,
 Peers: extClientPeerMap,
@@ -1150,3 +1152,15 @@ func getNodeAllowedIPs(peer, node *models.Node) []net.IPNet {
 }
 return allowedips
 }
+
+func getCIDRMaskFromAddr(addr string) net.IPMask {
+ cidr := net.CIDRMask(32, 32)
+ ipAddr, err := netip.ParseAddr(addr)
+ if err != nil {
+ return cidr
+ }
+ if ipAddr.Is6() {
+ cidr = net.CIDRMask(128, 128)
+ }
+ return cidr
+}
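Review bot: `getCIDRMaskFromAddr` silently returns a /32 mask when `netip.ParseAddr` fails, and its call sites in the previous hunks pair that mask with a separate `net.ParseIP` of the same string, which returns nil for the same bad inputs — so a malformed address produces an IPNet with a nil IP and a /32 mask instead of an error, and nothing downstream can tell. The two parsers also disagree on edge cases: `netip.ParseAddr` accepts a zone suffix (`fe80::1%eth0`) that `net.ParseIP` rejects, and `ipAddr.Is6()` is true for IPv4-mapped addresses (`::ffff:10.0.0.1`), which would then get a /128 mask; `if ipAddr.Unmap().Is6() {` handles the latter. Parsing once and returning the whole prefix, with a result the callers can act on, removes the mismatch — sketched below as a replacement helper. A doc comment is also missing; `// getCIDRMaskFromAddr returns a single-host mask for addr: /128 for IPv6, otherwise /32 (also when addr does not parse).` states the current contract.
```go
// hostIPNet returns addr as a single-host prefix (/32 for IPv4, /128 for IPv6).
// ok is false when addr is not a plain IP address (zoned addresses included),
// so callers can skip the entry instead of publishing a nil IP.
func hostIPNet(addr string) (ipNet net.IPNet, ok bool) {
	ipAddr, err := netip.ParseAddr(addr)
	if err != nil || ipAddr.Zone() != "" {
		return net.IPNet{}, false
	}
	ipAddr = ipAddr.Unmap() // treat ::ffff:a.b.c.d as IPv4
	bits := 32
	if ipAddr.Is6() {
		bits = 128
	}
	return net.IPNet{IP: net.IP(ipAddr.AsSlice()), Mask: net.CIDRMask(bits, bits)}, true
}
```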